@lbu/server - npm Package Compare versions

Comparing version 0.0.55 to 0.0.56

index.d.ts

		@@ -43,2 +43,3 @@ // Original types from @types/koa & @types/koa-compose
		import { Logger } from "@lbu/insight";
		import { StoreFileStore } from "@lbu/store";
		import { AxiosInstance } from "axios";
		@@ -634,5 +635,2 @@ import { EventEmitter } from "events";
		* Return the request socket.
		*
		* @return {Connection}
		* @api public
		*/
		@@ -654,8 +652,3 @@ socket: Socket;
		* Pretty much the same as `this.request.is()`.
		*
		* @param {string\|array} types...
		* @return {string\|false}
		* @api public
		*/
		// is(): string;
		is(...types: string[]): string;
		@@ -937,2 +930,4 @@

		get(id: string): Promise<object \| boolean>;

		/**
		@@ -948,2 +943,4 @@ * set session object for key, with a maxAge (in ms)

		set(id: string, session: object, age: number): Promise<void>;

		/**
		@@ -953,2 +950,4 @@ * destroy session for key
		destroy(key: string): any;

		destroy(id: string): Promise<void>;
		}
		@@ -961,8 +960,15 @@
		/**
		* cookie key (default is koa:sess)
		* cookie key (default is process.env.APP_NAME.sess)
		*/
		key: string;
		key?: string;

		/**
		* maxAge in ms (default is 1 days)
		* Domain to set the cookie for
		* When development (default undefined)
		* When production (default process.env.COOKIE_URL)
		*/
		domain?: string;

		/**
		* maxAge in ms (default is 6 days)
		* "session" will result in a cookie that expires when session/browser is closed
		@@ -988,8 +994,15 @@ * Warning: If a session cookie is stolen, this cookie will never expire

		/**
		* Set and check signature cookie (default true)
		*/
		signed?: boolean;

		/**
		* Set Secure cookie, only available in https context (default process.env.NODE_ENV ===
		* "production")
		*/
		secure?: boolean;

		/**
		* Session cookie sameSite options (default null, don't set it)
		* Session cookie sameSite options (default "lax")
		*/
		@@ -1006,14 +1019,9 @@ sameSite?: "strict" \| "lax" \| boolean;
		* Renew session when session is nearly expired, so we can always keep user logged in.
		* (default is false)
		* (default is true)
		*/
		renew?: boolean; // Type definitions for koa-session 5.10 // Project:
		// https://github.com/koajs/session // Definitions by: Yu Hsin Lu
		// <https://github.com/kerol2r20> // Tomek Łaziuk
		// <https://github.com/tlaziuk> // Hiroshi Ioka
		// <https://github.com/hirochachacha> // Definitions:
		// https://github.com/DefinitelyTyped/DefinitelyTyped // TypeScript
		// Version: 2.8
		renew?: boolean;

		/**
		* You can store the session content in external stores(redis, mongodb or other DBs)
		* Use `newSessionStore` provided by `@lbu/store`
		*/
		@@ -1034,9 +1042,2 @@ store?: SessionStore;
		prefix?: string;

		/**
		* Tries to set the cookie domain and secure from the session _domain and _secure properties
		* respectively. Defaults to false.
		* Note that _domain and _secure are not returned when calling `ctx.session.toJSON()`.
		*/
		supportOptionOverwrites?: boolean;
		}
		@@ -1349,9 +1350,7 @@
		*/
		interface SendFileItem {
		id: string \| number;
		content_length: number;
		content_type: string;
		updated_at: Date;
		last_modified: Date;
		}
		type SendFileItem =
		\| StoreFileStore
		\| (Pick<StoreFileStore, "id" \| "contentLength" \| "contentType"> & {
		lastModified: Date;
		});

		@@ -1358,0 +1357,0 @@ /**

package.json

		{
		"name": "@lbu/server",
		"version": "0.0.55",
		"version": "0.0.56",
		"description": "Koa server and common middleware",
		@@ -19,4 +19,4 @@ "main": "./index.js",
		"dependencies": {
		"@lbu/insight": "0.0.55",
		"@lbu/stdlib": "0.0.55",
		"@lbu/insight": "0.0.56",
		"@lbu/stdlib": "0.0.56",
		"keygrip": "1.1.0",
		@@ -48,3 +48,3 @@ "koa": "2.13.0",
		},
		"gitHead": "2a2f8e2c3d46d542120f8547c3b5fec8075d717c"
		"gitHead": "f12fa243a540f13bd6351daf92df7e2b00c14e08"
		}

src/middleware/cors.js

		@@ -33,2 +33,3 @@ import { isStaging } from "@lbu/stdlib";
		allowMethods: ["GET", "PUT", "POST", "PATCH", "DELETE", "HEAD", "OPTIONS"],
		credentials: true,
		};
		@@ -35,0 +36,0 @@

src/middleware/error.js

		@@ -1,2 +0,2 @@
		import { AppError, isNil } from "@lbu/stdlib";
		import { AppError, isNil, isStaging } from "@lbu/stdlib";

		@@ -24,3 +24,3 @@ /**
		onError = onError \|\| defaultOnError;
		leakError = leakError === true;
		leakError = leakError === true \|\| (leakError === undefined && isStaging());

		@@ -27,0 +27,0 @@ return async (ctx, next) => {

src/middleware/sendFile.js

		@@ -10,4 +10,4 @@ import { isNil } from "@lbu/stdlib";
		ctx.set("Accept-Ranges", "bytes");
		ctx.set("Last-Modified", file.updated_at \|\| file.last_modified);
		ctx.type = file.content_type;
		ctx.set("Last-Modified", file.updatedAt \|\| file.lastModified);
		ctx.type = file.contentType;

		@@ -21,11 +21,11 @@ if (ctx.headers.range) {
		let start = range[1] ? parseInt(range[1]) : undefined;
		let end = range[2] ? parseInt(range[2]) : file.content_length;
		let end = range[2] ? parseInt(range[2]) : file.contentLength;

		if (end > file.content_length) {
		end = file.content_length - 1;
		if (end > file.contentLength) {
		end = file.contentLength - 1;
		}

		if (isNil(start) \|\| start > file.content_length) {
		start = file.content_length - end;
		end = file.content_length - 1;
		if (isNil(start) \|\| start > file.contentLength) {
		start = file.contentLength - end;
		end = file.contentLength - 1;
		}
		@@ -37,3 +37,3 @@
		ctx.set("Content-Length", String(chunkSize));
		ctx.set("Content-Range", `bytes ${start}-${end}/${file.content_length}`);
		ctx.set("Content-Range", `bytes ${start}-${end}/${file.contentLength}`);

		@@ -48,4 +48,4 @@ const { stream, cacheControl } = await getStreamFn(file, start, end);
		ctx.status = 416;
		ctx.set("Content-Length", String(file.content_length));
		ctx.set("Content-Range", `bytes */${file.content_length}`);
		ctx.set("Content-Length", String(file.contentLength));
		ctx.set("Content-Range", `bytes */${file.contentLength}`);

		@@ -60,3 +60,3 @@ const { stream, cacheControl } = await getStreamFn(file);
		} else {
		ctx.set("Content-Length", String(file.content_length));
		ctx.set("Content-Length", String(file.contentLength));

		@@ -63,0 +63,0 @@ const { stream, cacheControl } = await getStreamFn(file);

src/middleware/session.js

		@@ -1,2 +0,2 @@
		import { isNil, isProduction, isStaging, merge, uuid } from "@lbu/stdlib";
		import { isNil, isProduction, merge, uuid } from "@lbu/stdlib";
		import KeyGrip from "keygrip";
		@@ -21,6 +21,7 @@ import koaSession from "koa-session";
		key: `${process.env.APP_NAME.toLowerCase()}.sess`,
		maxAge: 10 * 24 * 60 * 60 * 1000,
		maxAge: 6 * 24 * 60 * 60 * 1000,
		renew: true,
		secure: isProduction(),
		sameSite: "Strict",
		domain: !isProduction() ? undefined : process.env.COOKIE_URL,
		sameSite: "lax",
		overwrite: true,
		@@ -35,6 +36,2 @@ httpOnly: true,

		if (opts?.supportOptionOverwrites) {
		options.externalKey = getSessionExternalKey(options);
		}

		return koaSession(options, app);
		@@ -58,41 +55,1 @@ }
		}

		/**
		* Custom cookies getter and setter
		* Allows setting _domain or _secure for specific domain support
		* @param options
		*/
		function getSessionExternalKey(options) {
		const staging = isStaging();
		const localhostRegex = /^http:\/\/localhost:\d{1,6}$/gi;

		return {
		get: (ctx) => {
		return ctx.cookies.get(options.key, options);
		},
		set: (ctx, value) => {
		if (staging) {
		ctx.cookies.set(options.key, value, {
		...options,
		sameSite: "Lax",
		});

		const header = ctx.get("origin");
		if (localhostRegex.test(header)) {
		// Set cookie for the requesting localhost domain
		// Allowing server side rendering access to the cookies
		ctx.cookies.set(options.key, value, {
		...options,
		secure: false,
		sameSite: "Lax",
		domain: header.substring(7),
		});
		}

		return;
		}

		return ctx.cookies.set(options.key, value, options);
		},
		};
		}

@lbu/server - npm Package Compare versions

New alerts

Fixed alerts

Worsened metrics

Dependency changes